Report

wget src/ftp.c: stack overflow in symlink readlink buffer sizing

e4b1baa5-f2ca-4a48-a9d3-46b6316cb092

In wget's FTP symlink handling, the code allocates a stack buffer with alloca(strlen(f->linkto)+1) and then calls readlink(con->target, buf, len). It later assumes that readlink's return value n cannot be equal to len, and calls memcmp(link_target,f->linkto,n) under that assumption. If readlink writes len bytes into the buffer, the stack buffer can be overrun, because the caller passed len as the writable size but treated len as if only len-1 bytes could be produced.
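A defensive form of this comparison, as an added example (not wget's code and not part of the original report): it keeps readlink's result as ssize_t, checks it for error and for a length mismatch before memcmp runs, and compares a fixed number of bytes that fits the buffer. The names symlink_points_to and demo, the use of malloc in place of alloca, and the /tmp path are assumptions made for the example.

```c
#define _XOPEN_SOURCE 700   /* declares readlink, symlink, mkdtemp */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not wget's code): returns 1 if the symlink at `path`
   points exactly at `expected`, 0 if it differs, -1 if readlink() fails. */
static int symlink_points_to(const char *path, const char *expected)
{
    size_t want = strlen(expected);
    size_t cap = want + 1;         /* one spare byte exposes a longer target */
    char *buf = malloc(cap);       /* heap: a long name cannot exhaust the stack */
    ssize_t n;
    int result;

    if (buf == NULL)
        return -1;
    n = readlink(path, buf, cap);  /* writes at most cap bytes, adds no NUL */
    if (n < 0)
        result = -1;               /* stay signed: -1 must not become a huge size_t */
    else if ((size_t)n != want)
        result = 0;                /* shorter, or filled the spare byte: different */
    else
        result = memcmp(buf, expected, want) == 0;  /* want <= cap, in bounds */
    free(buf);
    return result;
}

/* Constructed self-check: makes a symlink in a fresh temp dir and probes it. */
static int demo(void)
{
    char dir[] = "/tmp/rlchkXXXXXX";
    char link[64];
    int ok;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(link, sizeof link, "%s/l", dir);
    if (symlink("target-file", link) != 0) { rmdir(dir); return -1; }
    ok = symlink_points_to(link, "target-file") == 1
      && symlink_points_to(link, "target") == 0         /* real target is longer */
      && symlink_points_to(link, "target-file-x") == 0  /* real target is shorter */
      && symlink_points_to(dir, "x") == -1;             /* not a symlink */
    unlink(link);
    rmdir(dir);
    return ok;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```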